Summary

Adobe has released security updates for Adobe Experience Manager. These updates resolve a reflected cross-site scripting vulnerability rated moderate in the HtmlRendererServlet (CVE-2017-3109), an information disclosure vulnerability (CVE-2017-3111) rated important in which a sensitive token is included in an http GET request under certain circumstances, and a cross-site scripting vulnerability (CVE-2017-11296) in Apache Sling Servlets Post 2.3.20 rated important.